India has reportedly mandated cybersecurity audits for all cryptocurrency exchanges, custodians, and intermediaries, with the Financial Intelligence Unit (FIU) directing that virtual digital asset (VDA) service providers must hire auditors empanelled with the Indian Computer Emergency Response Team (CERT-In), according to a Sept. 17 report by the Economic Times. Cert-In, under the Ministry of Electronics and Information Technology, oversees the country’s cybersecurity infrastructure. Completion of these audits is now mandatory for FIU registration, effectively placing VDA service providers under the same compliance obligations as banks, as defined by the Prevention of Money Laundering Act, 2002.

Addressing the government’s move, Harshal Bhuta, partner at P. R. Bhuta & Co., was quoted by the news outlet as saying:

The introduction of cyber security audits in all likelihood is triggered by recent crypto thefts in a few exchanges.

“At the same time, strict compliance with the CERT-in directions dated 28th April 2022, such as log maintenance and retention of subscriber data for prescribed period, would aid investigative agencies in tracing funds layered and obscured through cryptocurrency transactions,” he added.

Crypto-related crimes have surged, now representing 20–25% of India’s total cyber offenses, data from local platform Giottus showed. Offenders typically rely on darknet markets, privacy-enhancing coins, mixers, and exchanges with weak oversight to obscure illicit fund flows. In parallel, the FIU has substituted the “Fit & Proper” certificate with the new “Partner Accreditation for Compliance & Trust” certificate, signaling a narrower focus on regulatory compliance.

Although some legal experts consider the measure a step toward enhanced user safeguards, concerns persist over whether auditors accustomed to financial institutions can address crypto-specific vulnerabilities like private key security. Broader industry issues remain unresolved, including high taxation and regulatory uncertainty.

India has adopted a cautious approach to cryptocurrency regulation, avoiding full legal integration over concerns it could legitimize volatile assets and pose systemic risks. Gains from crypto assets are taxed at 30%, with a 1% tax deducted at source (TDS) on transactions. The Income‑Tax Bill 2025 formally defines VDAs and mandates reporting by entities handling them. A government document notes ongoing regulatory hesitation, with officials warning that a ban would not stop decentralized trading and that oversight remains difficult. The document also highlights concerns that U.S. stablecoin legislation could disrupt global payments and undermine India’s payment systems.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。